Skip to content

Feature and Cost for API gateway and ALB with Web ACL

Feature and Cost for API gateway and ALB with Web ACL

This document offers a brief yet insightful overview of two critical AWS services: Amazon API Gateway and ALB with Web ACL. We'll explore the key features that enhance API management and web traffic control, coupled with a concise cost analysis for informed decision-making.

API Gateway:

Feature:

  1. Fully Managed Operations:
  2. Simplifies API publishing, maintenance, and scaling.

  3. Pay-as-you-go model for secure and reliable API operations.

  4. Versatile API Creation:

  5. Quick creation and deployment of custom APIs linked to AWS services or external HTTP endpoints.

  6. User-friendly console for resource, method, and SDK management.

  7. Efficient Monitoring and Resiliency:

  8. Real-time API performance monitoring through integrated dashboard and CloudWatch.

  9. Traffic management features like throttling rules and caching for backend system efficiency.

  10. Rate Limiting for Traffic Control:

  11. Implement rate limiting rules to control requests per second for each API method.

  12. Ensures optimal traffic management and prevents abuse.

  13. Private Integrations with AWS ELB & AWS Cloud Map:

  14. Route requests to private resources in your Virtual Private Cloud (VPC).

  15. Use HTTP APIs for building APIs for services behind private Application Load Balancers (ALBs), Network Load Balancers (NLBs), and IP-based services registered in AWS Cloud Map, such as ECS tasks.

  16. API Keys for Third-Party Developers:

    • Manage the ecosystem of third-party developers accessing your APIs.
    • Create API keys, set fine-grained access permissions, and distribute them to third-party developers.
    • Define plans that set throttling and request quota limits for each individual API key.
    • Optional use of API keys on a per-method level.

Cost:

  • Number of Requests (per month):
  • First 300 million: $1.05 per million
  • 300+ million: $0.95 per million


ALB with Web ACL:

Feature:

  1. Precise Control with Scope-Down Statements:
  2. AWS WAF allows scope-down statements for rate-based rules.

  3. Enables precise control over requests for aggregation, counting, and rate limiting.

  4. Dynamic Rate Limiting Criteria:

  5. Rate-based rule actions based on criteria like scope-down statements and exceeding specified request counts.

  6. Ensures effective rate limiting.

  7. Efficient Algorithm for Request Rates:

  8. AWS WAF uses an efficient algorithm for estimating request rates, refreshing approximately every 30 seconds.

  9. Effectively controls high request rates with a focus on recent requests.

  10. Versatile Rule Actions:

  11. Rate-based rules offer versatile actions like blocking, counting, CAPTCHA, or Challenge responses.
  12. Provides flexibility in handling requests exceeding defined rate limits.

Cost:

  • Resource Type:
  • Web ACL: $5.00 per month (prorated hourly)
  • Rule: $1.00 per month (prorated hourly)

  • Request: $0.60 per 1 million requests (for inspection up to 1500 WCUs and default body size*)

  • Bot Control and Fraud Control:

  • Additional cost as per tabs above.

Comments